For PROSHRED®, it is our job to ensure your business is in compliance with sensitive information laws. We make sure the information delivered to us from our clients is destroyed on-site every time. We are continuously looking to improve our process to ensure that our on-site shredding service is the best in the industry and our clients’ compliance remains intact and their information is protected. As our clients’ information security partner, we also are looking for ways to enhance security in other areas of their business; these services now include hard drive and electronics destruction, on-going business shredding, residential shredding, community events and now a very important solution in the area of Breach Reporting.
Affordable With No Hidden Charges
This service is very affordable, our locations always have trucks on stand-by to do a purge or one-time shredding service for our clients. Unlike many of our competitors, we don’t charge fuel surcharges or any other hidden fees.
5 Things You Need To Know
- What types of Personally Identifiable Information (PII) are involved with when an incident occurs? Remember, PII can include DEIN numbers, Bank account numbers, and other Corporate data as well as data you collect from your clients, for example, credit card numbers and social security numbers as a couple examples.
- In the event of a breach or suspected breach, you will need to be prepared to provide CSR with information about your company, for example Contact names, a description of the incident, and the type of incident (commercial or consumer).
- When you call CSR, a CSR Professional will assess the situation, determine which authorities need to be contacted, and the timelines involved.
- There might be other requirements that need to be thought of, such as reporting to credit card agencies.
- CSR may have other services that they can help you with such as staff training, policy development, and forensic investigation to name a few.
Some Examples of Breaches and The Costs Associated
Vermont Grocer Fined $15,000
Incurred Another $15,000 to Implement New System
- Penalized for slow data breach response, Natural Provisions violated state’s Security Breach Notice Act and Consumer Protection Act, failed to protect consumer data, and was required to implement a new POS system.
- Natural Provisions stated the breach occurred because it “was unaware of legal obligations due to data breach…”
Small Business Data Breach Triggers $50,000 Fine
- The Hospice of North Idaho agreed to pay the U.S. Department of Health and Human Services $50,000 to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule after a laptop was stolen containing sensitive information of 441 patients.
- The hospice had not conducted a risk analysis to safeguard electronic Protected Health Information (ePHI) and did not have policies or procedures in place to address mobile device security as required by the HIPAA Security Rule.